SUSE-SU-2024:0972-1

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:0972-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2024:0972-1

Related

CVE-2023-48795

Published

2024-03-22T10:21:42Z

Modified

2024-03-22T10:21:42Z

Summary

Security update for jbcrypt, trilead-ssh2

Details

This update for jbcrypt, trilead-ssh2 fixes the following issues:

CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity aka Terrapin Attack (bsc#1218198).

References

Affected packages

openSUSE:Leap 15.5 / trilead-ssh2

Package

Name: trilead-ssh2
Purl: purl:rpm/suse/trilead-ssh2&distro=openSUSE%20Leap%2015.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

217.293.v56de4d4d3515-150200.3.7.1

Ecosystem specific

{
    "binaries": [
        {
            "trilead-ssh2": "217.293.v56de4d4d3515-150200.3.7.1",
            "trilead-ssh2-javadoc": "217.293.v56de4d4d3515-150200.3.7.1"
        }
    ]
}